home › Wallpaper › Protecting wired Internet from connection. Wi-Fi network protection. Protecting your router. Block remote access to the router

Protecting wired Internet from connection. Wi-Fi network protection. Protecting your router. Block remote access to the router

Despite all the elementary steps to protect your home Wi-Fi network, many people neglect this until they suddenly notice that the Internet speed has dropped sharply, and the printer has started printing “piquant” pictures without asking, hopelessly destroying the ink

Usually the first thing that comes to the mind of an inexperienced user is to press the small “reset” button recessed into the router body with a sharp object. Apparently there is an analogy with a frozen personal computer. This action helps to some extent, but not for long. So how can you protect yourself from outside interference? What tricky manipulations need to be done for this?

The fact is that there are cases when the matter does not end with evil jokes and traffic theft. Having full access to the web interface, an attacker can, for example, rob your online wallet, and all because you didn’t bother to change the factory login and password on the router. Let's look at a few important steps that will protect your router from external intrusion.

Step 1: change the password for the web interface

One of the simplest but most effective means of protection home network from hacking is a regular password change. There are those who neglect this action, citing poor memory and the need to come up with a long password, which, however, does not prevent them from resetting it with ease.

Therefore, it is enough to choose the WPA2 encryption algorithm, come up with a ten-digit code consisting of a random set of letters and numbers, and then simply write it on a piece of paper, the box of the router, or simply stick a sticker at the bottom of the device. It is unlikely that any of your guests would think of “stealing” such information, so this elementary method is quite suitable for people who do not want to bother their heads with unnecessary combinations. Just don’t come up with “readable” passwords, for example, write your first and last name in Russian letters in English - it’s easier to crack such a code than to invent it

As for guest access points, it is not recommended to use them, and if there is such a need, isolate them from the main one local network. If your router supports this option, then this will not be difficult at all by selecting the appropriate item in the menu. If you share your network with a neighbor on the site, completely trusting each other, then exchanging passwords and changing them by mutual agreement is much easier than inviting anyone to “visit”.

Step 2: disable WPS and exit the web interface correctly

So, we set a password and gave ourselves our word of honor that you will change the code for the router at least once a month. Now we disable the WPS function, which uses a digital PIN code to connect new devices, since it is enabled by default in many models. You will not suffer any harm from this action if you do not have to regularly connect third party devices, but if this happens, it’s easy to type the access password on your smartphone or tablet again. After all, that’s why a home network is called home and not public, and they don’t come to visit you in order to constantly use the “free” Internet.

There is another elementary method, but it requires habit. You just need to exit the web interface through the appropriate “button”, rather than simply closing the tab in the browser. At all this action will be a useful and safe solution in any such case, especially with regard to terminating the Internet banking session. For those who do not understand why this is needed, we will explain. There is such a thing as a cache, which remembers the latest actions in the browser. You've probably noticed more than once that sometimes, having accidentally closed, for example, a Qiwi wallet, you reopen the page and log in to a protected resource without entering a password. This doesn’t happen often, but it does happen, which means it won’t be difficult for an attacker to take advantage of your cache.

In the event of a “direct” logout, the cache is updated to its original state and in order to access the web interface, you will need to log in again. It should be noted that you should not use automatic saving of passwords in the browser in this particular case. You are not such a frequent visitor to the “admin panel” of the router that the system remembers you. It sounds, of course, banal, but it is compliance with banal rules that is sometimes protected better than “cunning” data encryption systems.

Step 3: change the local subnet and update the router firmware

By default, the IP address of your router looks like “192.168.0.0” or “192.168.1.0”, which is known to many people, and is also reflected on the nameplate of the device. It's the same as writing your full name on the wall of the house opposite. and the exact address of residence, and to be sure, draw a route map. Why do you need this? Change your IP address in the router settings, fortunately this is not difficult to do, and you can come up with any name for the local subnet.

In addition, regular firmware updates will make it possible to take advantage of new functions of the device, and therefore provide more reliable data encryption developed by the manufacturer. You can simply turn on auto-update, or even better, visit the router manufacturer’s website and download the new “update” yourself, since in this case it will always be fresh.

Conclusion

We did not demonstrate the fine-tuning of the router for one simple reason - in most cases of attempts to hack your home network, these tips will help you perfectly. After all, anything can be hacked. Another thing is, what interest does a professional hacker have in your local area if he can penetrate corporate network the whole enterprise. But these steps will easily protect you from small dirty tricks and lovers of free Internet, and it will take you no more than 15-20 minutes to set up security once and for all.

Vladimir Osadchy

Today, when in most homes you can catch a wireless Internet network, the question of how to set a password for wifi takes on the role of an important aspect of ensuring data security. Creating a reliable “line of defense” for a home network is quite a responsible matter, and has its own subtleties. With this in mind, you will benefit from adopting the knowledge and advice offered in this article.

The plan for introducing the topic will be as follows:

First, we will cover the main existing types of encryption in wifi networks;
Then we’ll look at a general example of how to password protect a network.

Encryption in WIFI networks

Personal information stored in files on a computer connected to wireless network, may be accessible to strangers who do not have the right to do so. In other words, with bad intent or not, for fun or profit, unauthorized access to the entire contents of a PC can be obtained through a network without a password. To prevent this, various encryption methods have been developed to protect users. Further about what they exist.

WEP

This technology (802.11 standard) was one of the first systems to ensure the security of a wifi network. It provided weak protection, which is why it was often hacked by hackers for the purpose of stealing important information. The result of this has been a significant slowdown in the adoption of wifi networks in companies and business organizations. The managers did not have the slightest confidence in the confidentiality of communications transmitted through wireless communication, data. In addition, this system did not provide the ability to set a password.

The IEEE Institute took up the solution to this problem, which organized 802.11i, a working group that began creating a new data encryption model that can protect wifi networks.

The result was the emergence of WPA (Wifi Protected Access or secure access) in 2004. The new system corrected the shortcomings of the old one thanks to the combination of several technologies that could solve the problem of its vulnerability and put an end to the history of easy network hacking.

WPA

The 802.1x standard, as mentioned above, replaced 802.11. The main difference was mutual authentication and constant encapsulation of data transmitted between the server and client access points. The authentication protocol (EAP) has also been expanded.

We invite you to familiarize yourself with a schematic representation of the operation of WAP and many other security systems (see figure)

In addition, Temporary Key Integrity Protocol (TKIP) and MIC methods have been integrated into WAP - check sum message that prevents any modification of data packets during transmission. Working together, these technologies can reliably protect the network, giving the right to connect to it only to users who own the password.

WPA2

The next leap towards network security was the release of the WPA2 (802.11i) program. Only with its advent, enterprises and companies began to actively implement wireless networks, giving privacy a special role.

The most important innovation was the introduction of AES, a 128-bit advanced data encryption algorithm. It allows you to put an end to the work of the cipher “blocker”, which makes it possible to use one code for both authentication and encryption. It has now become mandatory to use different ciphers for each of these operations. We also added key caching and pre-authentication of users (to organize them by access points).

There are modifications of the 802.11i standard:

802.11r is a technology specializing in the fast and reliable transfer of key hierarchies based on the Handoff algorithm. This standard wifi is fully compatible with 802.11a/b/g/n modifications.
802.11w is intended to improve the security mechanism by placing greater emphasis on protecting 802.11i-based control packets. Both of these standards belong to the 802.11n group.

Thus, the use of the latest (WPA2) standard when organizing wireless network security is obvious.

Enough theory. The next step should be to organize protection wifi password, which we will now consider.

Wifi password - installation details

A wireless network makes it possible to connect various devices to the Internet within a radius far beyond the apartment. Therefore, if your wifi is not password protected, your neighbors will be able to use it. And it’s one thing if such an unauthorized “visit” is made only for the sake of receiving free internet, and quite another thing if its goal is to obtain personal information to commit fraudulent activities.

Therefore, setting a wifi password is a top priority after creating and configuring the network.

This procedure may vary slightly when working with different models routers. But despite this, there is one general algorithm settings that apply in all cases.

Step 1

The first operation required to password protect the network is to enter the router settings.

It comes with a CD designed to make setting up the equipment easier. But if you find it difficult to find it, you can use the router’s web interface. In this case, you will need to launch a web browser and enter a special code (a construction consisting of “http://” and “IP router”) in the address bar. Standard addresses for most routers start with “192.168.”, and then follow: “1.1”, “0.1”, “2.1” (for example, 192.168.1.1). Which one is suitable in your case? You can find this out by looking at back cover router (for 99% of cases), or by looking on the Internet.

Please note the following:

It is better to enter the router settings from a computer connected to it using an Ethernet cable. When using a wifi connection, you will have to repeat the login procedure every time after any change.
The name and password for the router is almost always “admin”. If it doesn’t work, look through the instructions to find the correct option, or look at the back cover of the device.
If you find it difficult to remember the password you set earlier, reboot the router with the Reset button. This will reset all user settings on the device, returning them to factory settings.

Step 2

Now you need to find a tab with a name similar to “Network Security Properties”. It is most often located in the “Wifi Settings” or the “Security” section. Having trouble locating a tab? You can enter the name of your router model into the search and determine its location.

Step 3

Next you need to select the type of data encryption. Modern models provide for the use of various network protection methods. We talked about the features of each at the beginning of the article. And, as discussed there, it is most advisable to use WPA2 today due to its highest reliability.

Important! Older router models may not be able to use WPA2. Therefore, you need to install either WPA or change the device to a more modern one.

STEP 4

After choosing an encryption method, you need to install its algorithm. For WPA2-Personal you need to install AES. The other one - TKIP - is much inferior to the first in reliability, and it is not advisable to use it.

Important! Some router models no longer even provide TKIP, as it is outdated and cannot provide the required level of protection.

Step 5

Here we are the most important stage the entire procedure. You need to decide on the SSID (access point name) and set a password for the wifi (in other words, specify a code word or password protect the network).

When choosing a secret phrase, consider:

The password should be a combination of both numbers and symbols, and it is very good if they are mixed. Complicating it this way secret code, you will be able to pose a difficult task to detractors who want to pick him up.
The Internet is littered with many generators simple passwords, with the help of which they are hacked in a matter of seconds.

Step 6. Last

All that remains is to save the new settings and reboot the router. Click on “Apply” (“save”, “save”, “apply”...), and all changes will be ready to take effect. This will happen only after rebooting the router. In most cases, the router will begin to reboot on its own, and all connected devices will necessarily disconnect from wifi. To notify them of changes in the network, you will have to re-establish the connection and enter the new password specified in the previous step.

Important to remember:

If the automatic reboot does not start after saving, you will need to do it manually. You need to unplug the router from the power supply, count to 10, and then turn it on again. You can start working after it completes the initial boot. The indicator lights will indicate its completion and stop blinking chaotically.
This reboot is different from the one obtained as a result of pressing the RESET button! The latter will erase all your settings, resetting them to the initial (factory) settings.
To prevent network intrusions, it is recommended to change your password at least twice a year.

Remember, you have everything you need at your disposal so as not to compromise the security of your personal data. The main thing is to learn how to use wireless network security methods.

Most of us have been using a Wi-Fi router for wireless Internet access for a long time. But such a connection must be protected, otherwise strangers will be able to use it, which will lead to signal deterioration, and in the worst case, to its loss.

Almost all of us know that you must set a password on Wi-Fi, but there are several more ways to secure your network. We will look at how to install a good key to protect your network and use all available security measures for your router.

Since most routers have a standard IP address, anyone can enter it into their device and gain access to the settings. Therefore, before changing them, you need to close the login to the router settings by changing the login and password.

Often, in all models, regardless of manufacturer, the word Admin is used to fill out both of these lines. We should set a new name and key to prevent other people from changing the hardware configuration.

To do this, do the following:

Go to the System Tools section.
Select the Password tab, enter standard and new data to enter the settings - come up with an original login and password that will be impossible for strangers to guess, but easy for you to remember.

Setting a Wi-Fi password

A password is a basic means of protecting a wireless network. To protect it with a good and complex combination as a key, you need to go to the router settings. We will look at how this happens on TP-Link models. So, enter your IP address in the browser, select the Wireless section. Here we select the Wireless Settings item, where a password menu will appear.

Enter the old code, new login information and repeat them on the bottom line. Don't forget to save your changes!

How to create a good key?

Use numbers and letters, combine uppercase and lowercase characters.
Make the code long - from eight to twelve characters.
The most reliable type of encryption is WPA-PSK.

Changing the router name

The SSID refers to the name of the Wi-Fi point; it appears to us in the list of enabled networks. Thanks to the name, we know which access point we should connect to, choosing it from the list among other equipment.

But the connection name is available not only to us, but also to everyone who is within the router’s coverage area. Therefore, in addition to creating a good key, it is worth hiding the SSID so that it is invisible in the list of connections when searching for a network via Wi-Fi.

To hide the router name, do the following:

Go to its settings through the address bar of your browser.
Go to the Wireless section and uncheck the box next to Enable SSID Broadcast.

One question remains: how to connect to the network if it is not shown in the list? To do this, select the option below to create a new connection in the list of searches for available networks, and manually enter your username and password. If all data is entered correctly, you will be connected to the Internet.

MAC Address Filtering

A Wi-Fi point can be made visible to a specific number of devices by adding them to the list in the router settings. This is done using the MAC address - every computer, laptop, or smartphone has one.

To find out its coordinates on your PC, go to the Network and Control Center through the Control Panel, select your Internet connection and view the properties. After clicking "Details" you will see the Physical Address - this is the MAC ID.

On other devices, you will find the relevant information in the “About the device” section.

To restrict access by MAC address, follow these steps:

Go to the router settings and select the Wireless section, then stop at the Wireless MAC Filtering menu.
Here select the line Allow the stations specified by any enabled entries in the list to access. After saving the settings Wi-Fi hotspot will become open only to those devices that are on the list.

How to add your address to settings? In the same menu there is a button Add new..., with its help you enter all the MAC addresses to which you will allow access to the Internet.

This protection option has only one drawback: if new devices are often connected to Wi-Fi, it will be inconvenient to add them to the list each time. Filtering by MAC address is not absolutely reliable, but it should be used in conjunction with other measures to protect your network from foreign equipment.

Setting individual IP addresses

This method of protection is more advanced than the previous one. You create a separate IP using the MAC ID of each individual user, and everyone else will not be able to use Wi-Fi.

To set the address, first of all, go to the DHCP section in the router settings and disable the server of the same name so that the connection coordinates are not determined automatically.

Below on the page you will see a list for entering the equipment to which you will allow connection. First of all, add your computer to it. To do this, you will need its MAC address, and then, at your discretion, come up with a separate IP code for it. And so on with each subsequent device. Don't forget to change the IP address in your computer's settings to the one you assigned to it in this list.

How to check who is using my Wi-Fi?

Check who is using your Wi-Fi from time to time to make sure your router's security mechanisms are working.

Use the settings, select the Statistics section. Here you will see the MAC addresses of all equipment that uses your Internet connection. Knowing the MAC address of your computer and other devices that you have allowed access to, you can weed them out and see if there are any unauthorized addresses of other users in the list.

Using all of the above protection methods, you can secure your network and protect it from unauthorized access by other users.

19.10.16 65 655 0

Why being big can cost you money

Evgeniy did not set a password for Wi-Fi in his apartment. Why bother? You can forget your password. And the fact that neighbors can use it is not a pity, the Internet is still unlimited.

Nikolay Kruglikov

young hacker

That’s what Evgeniy thinks, and he’s seriously mistaken. Let's figure out why open Internet at home is a bad idea and what it can mean for you.

Listening

Access points without a password are also called open, and it’s not just about the password. At such points, data via Wi-Fi is transmitted without encryption, in clear text. Since Wi-Fi is the same as radio waves, it is very easy to intercept traffic: just tune the antenna to the desired frequency and you will hear everything that is transmitted between the router and the computer. Without a password on the router, you simply broadcast to the entire neighborhood what you are currently doing on the Internet.

If you are on a porn site, any of your neighbors will be able to find out which video you are watching. If you send a letter, there is a high probability that it can be intercepted at the moment of sending. If you have VKontakte without encryption, then any neighbor will be able to read your personal messages.

How to protect yourself. You need to set a password for Wi-Fi. Of course, connections to some sites are encrypted using HTTPS, and you can also enable a VPN, but it is still much more reliable to protect the entire communication channel at once.

Exercise: set a password for Wi-Fi

Open your browser and enter the numbers 192.168.0.1 into the address bar. If nothing happens, try 192.168.1.1 and 10.0.0.1. A window will appear with fields for login and password.
Enter the username admin and password admin. If you don't like it, take a look standard password in the instructions for the router. Most likely it's something simple. Sometimes the login and password are written directly on the router body.
Find the link on the page that says Wi-Fi or Wireless. A screen will open where you can change your password.

If all else fails, call a professional. The master’s task is to password protect your Wi-Fi.

Set a Wi-Fi password of at least ten characters consisting of numbers and letters. Password 12345678 is the same as no password.

All instructions are designed for a home router. At work or in a cafe, they are unlikely to work, because network administrators disable access to the router settings for outsiders

There may be several encryption options in the settings. Each router has a different set of options, so choose the option that is most similar to WPA2-PSK (AES). This is the most secure encryption protocol available today. Combined with a good password, it will give you the best possible protection.

A strong encryption protocol is important. A bad protocol, like a bad password, makes it easier to crack. For example, the legacy WEP protocol can be cracked in a few hours.

Make sure you have WPS turned off. This technology allows you to connect to the router using an eight-digit pin. Unfortunately, after the widespread introduction of WPS, it turned out that it is extremely insecure: it takes only 10 hours to hack a connection even with the most secure protocol. The WPS settings are somewhere in the same place as the Wi-Fi settings.

Manipulating router settings

When hackers connect to your Wi-Fi, they gain access to the router's control panel and can reconfigure it in their own way. To get into your router, you just need to connect to Wi-Fi - you don’t need to be in the apartment. Some nasty schoolboy might be tinkering with your router’s settings right now.

Usually getting into the router settings is not so easy: you need to enter your username and password. But most people have a standard login and password on their router - admin / admin. If you did not change this setting on purpose, there is a high probability that any hacker will be able to break into the router.

Having gained access to the control panel, hackers can easily carry out a man-in-the-middle attack: they will make sure that between you and the site there is a malicious service that steals passwords. For example, the address tinkoff.ru will open not a real, but a fake site that will send them everything you enter. You won’t even know that you have accessed a malicious service: it will look exactly like a real online bank and will even let you in using your username and password. But in this case, the login and password will be in the hands of hackers.

How to protect yourself. Change the default administrator password to your own in the router settings. It should be no less secure than the Wi-Fi password, and at the same time it should be different.

Remote access

Hackers are rarely interested in you specifically, unless you are a top manager of a large company. More often than not, ordinary people fall under automated attacks when a hacker program looks for potential victims and tries to standard algorithm hacking

Some routers have the ability to connect to the web interface from an external network - that is, you can go into the router settings from anywhere where there is Internet, and not just from home.

This means that your router can be attacked not only by mischievous schoolchildren. The attack may not be targeted: just some hacker in Peru scanning a certain range of addresses for open routers. His program sees your router. Connects. The hacker doesn't even know who you are or where you are - he just sets up a redirect and goes back to his business. And your Facebook login, for example, falls into his hacker program.

Hackers carry out automated attacks on routers,
in which remote access is allowed

How to protect yourself. Check if the remote access feature is enabled on your router. It is often included in devices provided by communication providers. Providers need remote access for business purposes: this makes it easier for them to help users set up the network. However, providers may leave the default password in the web interface, making you an easy target for hacker programs.

Password and MAC address filtering should protect you from hacking. In fact, safety largely depends on your caution. Inappropriate security methods, uncomplicated passwords, and a careless attitude toward strangers on your home network provide attackers with additional attack opportunities. In this article, you will learn how to crack a WEP password, why you should abandon filters, and how to secure your wireless network from all sides.

Protection from uninvited guests

Your network is not secure, therefore, sooner or later, an outsider will connect to your wireless network - perhaps not even on purpose, since smartphones and tablets can automatically connect to unsecured networks. If he just opens several sites, then, most likely, nothing bad will happen except for the consumption of traffic. The situation will become more complicated if a guest starts downloading illegal content through your Internet connection.

If you have not yet taken any security measures, then go to the router interface through a browser and change your network access data. The router address usually looks like: http://192.168.1.1. If this is not the case, then you can find out the IP address of your network device through command line. In the operating room Windows system 7 Click on the “Start” button and enter the “cmd” command in the search bar. Call up the network settings with the “ipconfig” command and find the “Default gateway” line. The specified IP is the address of your router, which must be entered in the address bar of the browser. The location of your router's security settings varies by manufacturer. As a rule, they are located in a section with the name “WLAN | Safety".

If your wireless network uses an unsecured connection, you should be especially careful with content located in folders with shared access, since in the absence of protection it is at the complete disposal of other users. At the same time, in operating system In Windows XP Home, the situation with shared access is simply catastrophic: by default, passwords cannot be set here at all - this function present only in professional version. Instead, all network requests are made through an unsecured guest account. You can secure your network in Windows XP using a small manipulation: launch the command line, enter “net user guest YourNewPassword” and confirm the operation by pressing the “Enter” key. After reboot Windows access network resources It will be possible only if you have a password, however, finer tuning in this version of the OS, unfortunately, is not possible. Managing sharing settings is much more convenient in Windows 7. Here, to limit the number of users, just go to the “Network and Sharing Center” in the Control Panel and create home group password protected.

The lack of proper security on a wireless network is a source of other dangers, as hackers can use special programs(sniffers) identify all unsecured connections. This way, it will be easy for hackers to intercept your identification data from various services.

Hackers

As before, the two most popular security methods today are MAC address filtering and hiding the SSID (network name): these security measures will not keep you safe. In order to identify the name of the network, an attacker only needs a WLAN adapter, which switches to monitoring mode using a modified driver, and a sniffer - for example, Kismet. The attacker monitors the network until a user (client) connects to it. It then manipulates the data packets and thereby kicks the client off the network. When the user reconnects, the attacker sees the network name. It seems complicated, but in fact the whole process only takes a few minutes. Bypassing the MAC filter is also easy: the attacker determines the MAC address and assigns it to his device. Thus, the connection of an outsider remains unnoticed by the network owner.

If your device only supports WEP encryption, take immediate action - such a password can be cracked even by non-professionals in a few minutes.

Particularly popular among cyber fraudsters is the Aircrack-ng software package, which, in addition to the sniffer, includes an application for downloading and modifying WLAN adapter drivers, and also allows you to recover the WEP key. Well-known hacking methods are PTW and FMS/KoreK attacks, in which traffic is intercepted and a WEP key is calculated based on its analysis. In this situation, you have only two options: first, you should look for the latest firmware for your device, which will support the latest encryption methods. If the manufacturer does not provide updates, it is better to refuse to use such a device, because in doing so you are jeopardizing the security of your home network.

Popular advice to reduce the radius Wi-Fi actions gives only the appearance of protection. Neighbors will still be able to connect to your network, but attackers often use Wi-Fi adapters with a longer range.

Public hotspots

Places with free Wi-Fi attract cyber fraudsters because huge amounts of information pass through them, and anyone can use hacking tools. Public hotspots can be found in cafes, hotels and other public places. But other users of the same networks can intercept your data and, for example, take control of your Accounts on various web services.

Cookie Protection. Some attack methods are truly so simple that anyone can use them. Firesheep extension for Firefox browser automatically reads and displays in a list the accounts of other users, including Amazon, Google, Facebook and Twitter. If a hacker clicks on one of the entries in the list, he will immediately have full access to the account and will be able to change the user's data at his discretion. Firesheep does not crack passwords, but only copies active, unencrypted cookies. To protect yourself from such interceptions, you should use the special HTTPS Everywhere add-on for Firefox. This extension forces online services to always use an encrypted connection via HTTPS if supported by the service provider's server.

Android protection. In the recent past, a flaw in the operating room has attracted everyone's attention. Android system, which could allow scammers to gain access to your accounts on services such as Picasa and " Google Calendar", as well as read contacts. Google Company eliminated this vulnerability in Android 2.3.4, but most devices previously purchased by users have older versions of the system installed. To protect them, you can use the SyncGuard application.

WPA 2

The best protection is provided by WPA2 technology, which has been used by computer equipment manufacturers since 2004. Most devices support this type of encryption. But, like other technologies, WPA2 also has its weak point: using a dictionary attack or the bruteforce method, hackers can crack passwords - however, only if they are unreliable. Dictionaries simply go through the keys stored in their databases - as a rule, all possible combinations of numbers and names. Passwords like “1234” or “Ivanov” are guessed so quickly that the hacker’s computer doesn’t even have time to warm up.

The bruteforce method does not involve using a ready-made database, but, on the contrary, selecting a password by listing all possible combinations of characters. In this way, an attacker can calculate any key - the only question is how long it will take him. NASA, in its security guidelines, recommends a password of at least eight characters, and preferably sixteen. First of all, it is important that it consists of lowercase and uppercase letters, numbers and special characters. It would take a hacker decades to crack such a password.

Your network is not yet fully protected, since all users within it have access to your router and can make changes to its settings. Some devices provide additional security features that you should also take advantage of.

First of all, disable the ability to manipulate the router via Wi-Fi. Unfortunately, this feature is only available on certain devices, such as Linksys routers. All modern router models also have the ability to set a password for the management interface, which allows you to restrict access to settings.

Like any program, the router firmware is imperfect - small flaws or critical holes in the security system are not excluded. Usually information about this instantly spreads across the Internet. Regularly check for new firmware for your router (some models even have a function automatic update). Another advantage of flashing firmware is that it can add new features to the device.

Periodic analysis of network traffic helps to recognize the presence of uninvited guests. In the router management interface you can find information about which devices connected to your network and when. It is more difficult to find out how much data a particular user has downloaded.

Guest access - a means of protecting your home network

If you protect your router with a strong password using WPA2 encryption, you will no longer be in any danger. But only until you share your password with other users. Friends and acquaintances who, with their smartphones, tablets or laptops, want to access the Internet through your connection are a risk factor. For example, the possibility that their devices are infected cannot be ruled out malware. However, you won't have to refuse your friends because of this, since top-end router models, such as the Belkin N or Netgear WNDR3700, provide guest access specifically for such cases. Advantage this mode The problem is that the router creates a separate network with its own password, and the home network is not used.

Security Key Reliability

WEP (WIRED EQUIVALENT PRIVACY). Uses a pseudo-random number generator (RC4 algorithm) to obtain the key, as well as initialization vectors. Since the latter component is not encrypted, it is possible for third parties to intervene and recreate the WEP key.

WPA (WI-FI PROTECTED ACCESS) Based on the WEP mechanism, but offers a dynamic key for extended security. Keys generated using the TKIP algorithm can be cracked using the Bek-Tevs or Ohigashi-Moriya attack. To do this, individual packets are decrypted, manipulated, and sent back to the network.

WPA2 (WI-FI PROTECTED ACCESS 2) Uses the reliable AES (Advanced Encryption Standard) algorithm for encryption. Along with TKIP, the CCMP protocol (Counter-Mode/CBC-MAC Protocol) has been added, which is also based on the AES algorithm. Until now, a network protected by this technology could not be hacked. The only option for hackers is a dictionary attack or "brute force method", where the key is guessed by guessing, but complex password it is impossible to pick it up.

Popular in the category: